I think I got it working, but if someone could tell me whether this is "correct" or if there's a better way, I would appreciate it; or if this is the best way then it could be added to the documentation.
# First create the instance and set up the pool6 jool instance add --netfilter --pool6 xxxx:xxxx::/96 # Then put ALL ports of the gateway's IPv4 address into the pool4 jool pool4 add --tcp 100.127.255.253 1-65535 jool pool4 add --udp 100.127.255.253 1-65535 jool pool4 add --icmp 100.127.255.253 1-65535 # At this point, I can create static BIB entries jool bib add --tcp 2607:f8b0:4002:c02::8a#80 100.127.255.253#80 My guess is that when you create the instance, it is willing to use any outbound IPv4 address, but as soon as you add a pool4, it restricts to that, and since I only put one port (80/tcp) into it, everything else got closed off. Am I right about that? Again, many thanks; jool is solving a LOT of problems in my data centers. -- Art From: Jool-list <[email protected]> On Behalf Of Art Cancro via Jool-list Sent: Thursday, February 18, 2021 6:48 PM To: Alberto Leiva <[email protected]> Cc: [email protected] Subject: Re: [Jool-list] DNAT "port mapping" through jool? [EXTERNAL] Manual entry to bib table looks like the right approach. I tried it today. 100.127.255.253 is the interface on the IPv4 side of my jool machine, and we are successfully doing NAT64 of a /96 block towards the IPv4 side... So as a test I am trying to see if we can get clients who connect to 100.127:255:253#80 to get the HTTP server at 2607:f8b0:4002:c02::8a#80 (which is google, but again it's just a test) So the command appears to be: jool bib add --tcp 2607:f8b0:4002:c02::8a#80 100.127.255.253#80 And the error response is: Error: The kernel module returned error 22: The transport address '100.127.255.253#80' does not belong to pool4. Please add it there first. So I tried: jool pool4 add --tcp 100.127.255.253 80 jool bib add --tcp 2607:f8b0:4002:c02::8a#80 100.127.255.253#80 This works for outbound connections, but it broke the NAT64 inbound connections. Does jool support pool6 IPv6-->IPv4 and manual bib IPv4-->IPv6 at the same time? From: Alberto Leiva <[email protected]> Woops, I meant sudo jool bib add cafe::1#80 203.0.113.1#80 On Wed, Feb 17, 2021 at 12:29 PM Alberto Leiva <[email protected]<mailto:[email protected]>> wrote: Try sudo jool bib add <Address of IPv6 server>#<Port of IPv6 server> <IPv4 address of Jool>#<Port of Jool mask> sudo jool bib add cafe::1#80 203.0.113.1:80<https://urldefense.com/v3/__http:/203.0.113.1:80__;!!LG9nLpOADg!B0yOLRqgb1DOljIz2V9bEd4Mmh0WJBBI_7SohIfZjT5ahPhvAWSGwHfF995pmBnNuw$>
_______________________________________________ Jool-list mailing list [email protected] https://mail-lists.nic.mx/listas/listinfo/jool-list
